The Department of Health and Human Services (HHS) is warning about a new strain of ransomware affecting the health care sector.

Petya ransomware, part of the GoldenEye ransomware family, spread through an auto-update to MeDocs, Ukrainian accounting software. This strain is unique because the virus is capable of self-replication.

To respond to this threat, the National Health Information Sharing and Analysis Center has tested a “vaccine file” or killswitch to prevent the infection from spreading. In addition, HHS encourages users to install the latest Microsoft security patches, use a reliable antivirus program, subscribe to the Critical Infrastructure Program email newsletter, and follow the United States Computer Emergency Readiness Team (US-CERT) for updates.

Meanwhile, HHS directs victims of a ransomware attack to:

America’s Essential Hospitals has established a resource page dedicated to cybersecurity threats. Visit this page regularly for new and updated information.

Contact Director of Policy Erin O’Malley at or 202.585.0127 with questions.